diff --git a/README.md b/README.md
index 962a84d..f389dc0 100644
--- a/README.md
+++ b/README.md
@@ -68,14 +68,33 @@ Either you define exactly which release you install. Or you use the option ``lat
 ### Repository ([repository](https://docs.gitea.io/en-us/config-cheat-sheet/#repository-repository))
 | variable name | default value | description |
 | ------------- | ------------- | ----------- |
-| `gitea_repository_root` | `{{ gitea_home }}/repos` |  Root path for storing all repository data. It must be an absolute path. |
-| `gitea_force_private` | `false` | Force every new repository to be private. |
-| `gitea_user_repo_limit` | `-1` | Limit how many repos a user can have *(`-1` for unlimited)* |
-| `gitea_disable_http_git` | `false` | Disable the ability to interact with repositories over the HTTP protocol. (true/false) |
 | `gitea_default_branch` | `main` | Default branch name of all repositories. |
 | `gitea_default_private` | `last` | Default private when creating a new repository. [`last`, `private`, `public`] |
-| `gitea_repository_extra_config` | `''` | you can use this variable to pass additional config parameters in the `[repository]` section of the config. |
-| `gitea_repository_upload_extra_config` | you can use this variable to pass additional config parameters in the `[repository.upload]` section of the config. |
+| `gitea_default_repo_units` | *(see defaults)* | Comma separated list of default repo units. See official docs for more |
+| `gitea_disabled_repo_units` | | Comma separated list of globally disabled repo units. |
+| `gitea_disable_http_git` | `false` | Disable the ability to interact with repositories over the HTTP protocol. (true/false) |
+| `gitea_disable_stars` | `false` | Disable stars feature. |
+| `gitea_enable_push_create_org` | `false` | Allow users to push local repositories to Gitea and have them automatically created for an org. |
+| `gitea_enable_push_create_user` | `false` | Allow users to push local repositories to Gitea and have them automatically created for an user. |
+| `gitea_force_private` | `false` | Force every new repository to be private. |
+| `gitea_user_repo_limit` | `-1` | Limit how many repos a user can have *(`-1` for unlimited)* |
+| `gitea_repository_root` | `{{ gitea_home }}/repos` |  Root path for storing all repository data. It must be an absolute path. |
+| `gitea_repository_extra_config` | | you can use this variable to pass additional config parameters in the `[repository]` section of the config. |
+| `gitea_repository_upload_extra_config` | | you can use this variable to pass additional config parameters in the `[repository.upload]` section of the config. |
+
+### Repository - Signing ([repository.signing](https://docs.gitea.io/en-us/config-cheat-sheet/#repository---signing-repositorysigning))
+| variable name | default value | description |
+| ------------- | ------------- | ----------- |
+| `gitea_enable_repo_signing_options` | `false` | Allow to configure repo signing options |
+| `gitea_repo_signing_key` | `default` | Key to sign with. |
+| `gitea_repo_signing_name` | | if a KEYID is provided as the `gitea_repo_signing_key`, use these as the Name and Email address of the signer. |
+| `gitea_repo_signing_email` | | if a KEYID is provided as the `gitea_repo_signing_key`, use these as the Name and Email address of the signer. |
+| `gitea_repo_initial_commit` | `always` | Sign initial commit. |
+| `gitea_repo_default_trust_model` | `collaborator` | The default trust model used for verifying commits. |
+| `gitea_repo_wiki` | `never` |  Sign commits to wiki. |
+| `gitea_repo_crud_actions` | *(see defaults)* | Sign CRUD actions. |
+| `gitea_repo_merges` | *(see defaults)* | Sign merges. |
+| `gitea_enable_repo_signing_extra` | | you can use this variable to pass additional config parameters in the `[repository.signing]` section of the config. |
 
 ### UI ([ui](https://docs.gitea.io/en-us/config-cheat-sheet/#ui-ui))
 | variable name | default value | description |
@@ -101,8 +120,8 @@ Either you define exactly which release you install. Or you use the option ``lat
 | `gitea_offline_mode` | `true` | Disables use of CDN for static files and Gravatar for profile pictures. (true/false) |
 | `gitea_lfs_server_enabled` | `false` | Enable GIT-LFS Support *(git large file storage: [git-lfs](https://git-lfs.github.com/))*. |
 | `gitea_lfs_content_path` | `{{ gitea_home }}/data/lfs` |  LFS content path. *(if it is on local storage.)* |
-| `gitea_lfs_jwt_secret` | `''` | LFS authentication secret. Can be generated with ``gitea generate secret JWT_SECRET``. Will be autogenerated if not defined |
-| `gitea_server_extra_config` | `''` | you can use this variable to pass additional config parameters in the `[server]` section of the config. |
+| `gitea_lfs_jwt_secret` |  | LFS authentication secret. Can be generated with ``gitea generate secret JWT_SECRET``. Will be autogenerated if not defined |
+| `gitea_server_extra_config` |  | you can use this variable to pass additional config parameters in the `[server]` section of the config. |
 
 ### Database ([database](https://docs.gitea.io/en-us/config-cheat-sheet/#database-database))
 | variable name | default value | description |
diff --git a/defaults/main.yml b/defaults/main.yml
index b21ee99..22b5778 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -28,15 +28,33 @@ gitea_fqdn: 'localhost'
 
 # Repository (repository)
 # -> https://docs.gitea.io/en-us/config-cheat-sheet/#repository-repository
-gitea_repository_root: "{{ gitea_home }}/repos"
-gitea_force_private: false
-gitea_user_repo_limit: '-1'
-gitea_disable_http_git: false
 gitea_default_branch: 'main'
 gitea_default_private: 'last'
+gitea_default_repo_units: 'repo.code,repo.releases,repo.issues,repo.pulls,repo.wiki,repo.projects'
+gitea_disabled_repo_units: ''
+gitea_disable_http_git: false
+gitea_disable_stars: false
+gitea_enable_push_create_org: false
+gitea_enable_push_create_user: false
+gitea_force_private: false
+gitea_user_repo_limit: '-1'
+gitea_repository_root: "{{ gitea_home }}/repos"
 gitea_repository_extra_config: ''
 gitea_repository_upload_extra_config: ''
 
+# Repository - Signing (repository.signing)
+# -> https://docs.gitea.io/en-us/config-cheat-sheet/#repository---signing-repositorysigning
+gitea_enable_repo_signing_options: false
+gitea_repo_signing_key: 'default'
+gitea_repo_signing_name: ''
+gitea_repo_signing_email: ''
+gitea_repo_initial_commit: 'always'
+gitea_repo_default_trust_model: 'collaborator'
+gitea_repo_wiki: 'never'
+gitea_repo_crud_actions: 'pubkey, twofa, parentsigned'
+gitea_repo_merges: ' pubkey, twofa, basesigned, commitssigned'
+gitea_enable_repo_signing_extra: ''
+
 # UI (ui)
 # -> https://docs.gitea.io/en-us/config-cheat-sheet/#ui-ui
 gitea_show_user_email: false
diff --git a/templates/gitea.ini.j2 b/templates/gitea.ini.j2
index b322dff..a6055ff 100644
--- a/templates/gitea.ini.j2
+++ b/templates/gitea.ini.j2
@@ -13,17 +13,36 @@ RUN_MODE = {{ gitea_run_mode }}
 ;
 ; -> https://docs.gitea.io/en-us/config-cheat-sheet/#repository-repository
 [repository]
-ROOT                = {{ gitea_repository_root }}
-FORCE_PRIVATE       = {{ gitea_force_private | ternary('true', 'false') }}
-MAX_CREATION_LIMIT  = {{ gitea_user_repo_limit }}
-DISABLE_HTTP_GIT    = {{ gitea_disable_http_git | ternary('true', 'false') }}
-DEFAULT_BRANCH      = {{ gitea_default_branch }}
-DEFAULT_PRIVATE     = {{ gitea_default_private }}
-{{ gitea_repository_extra_config }}
+DEFAULT_BRANCH          = {{ gitea_default_branch }}
+DEFAULT_PRIVATE         = {{ gitea_default_private }}
+DEFAULT_REPO_UNITS      = {{ gitea_default_repo_units }}
+DISABLED_REPO_UNITS     = {{ gitea_disabled_repo_units }}
+DISABLE_HTTP_GIT        = {{ gitea_disable_http_git | ternary('true', 'false') }}
+DISABLE_STARS           = {{ gitea_disable_stars | ternary('true', 'false') }}
+ENABLE_PUSH_CREATE_ORG  = {{ gitea_enable_push_create_org | ternary('true', 'false') }}
+ENABLE_PUSH_CREATE_USER = {{ gitea_enable_push_create_user | ternary('true', 'false') }}
+FORCE_PRIVATE           = {{ gitea_force_private | ternary('true', 'false') }}
+MAX_CREATION_LIMIT      = {{ gitea_user_repo_limit }}
+ROOT                    = {{ gitea_repository_root }}
+{% if gitea_repository_extra_config != '' %}{{ gitea_repository_extra_config }}{% else %};{% endif %}
 ;
 [repository.upload]
 TEMP_PATH           = {{ gitea_home }}/data/tmp/uploads
-{{ gitea_repository_upload_extra_config }}
+{% if gitea_repository_upload_extra_config != '' %}{{ gitea_repository_upload_extra_config }}{% else %};{% endif %}
+;
+;{% if gitea_enable_repo_signing_options | bool %}
+; -> https://docs.gitea.io/en-us/config-cheat-sheet/#repository---signing-repositorysigning
+[repository.signing]
+SIGNING_KEY = {{ gitea_repo_signing_key }}
+SIGNING_NAME = {{ gitea_repo_signing_name }}
+SIGNING_EMAIL = {{ gitea_repo_signing_email }}
+INITIAL_COMMIT = {{ gitea_repo_initial_commit }}
+DEFAULT_TRUST_MODEL = {{ gitea_repo_default_trust_model }}
+WIKI = {{ gitea_repo_wiki }}
+CRUD_ACTIONS = {{ gitea_repo_crud_actions }}
+MERGES = {{ gitea_repo_merges }}
+{% if gitea_enable_repo_signing_extra != '' %}{{ gitea_enable_repo_signing_extra }}{% else %};{% endif %}
+;{% endif %}
 ;
 ;
 ; -> https://docs.gitea.io/en-us/config-cheat-sheet/#ui-ui